Re: Tomcat SMPT TLS1.2

2024-03-11 Thread Robert Turner 
You can define Java properties in one of the Tomcat files
(catalina.properties I believe), albeit it may depend on the OS /
deployment for your specific instance as some use different loaders -- the
default scripts "catalina.sh/bat" will use that file, but
some distributions load Tomcat differently.

On Mon, Mar 11, 2024 at 12:50 PM Brandie Nickey
 wrote:

> That makes sense,  I did see a file in our java mail jar called
> SocketFetcher that has a line to the extent saying 'if properties not set,
> use TLS 1.0 for smtp' .  My hope was to find where the heck to set the mail
> properties, but sounds like that's in another sun file.
>
> -Original Message-
> From: Ivano Luberti 
> Sent: Monday, March 11, 2024 9:46 AM
> To: users@tomcat.apache.org
> Subject: Re: Tomcat SMPT TLS1.2
>
> [You don't often get email from lube...@archicoop.it.invalid. Learn why
> this is important at https://aka.ms/LearnAboutSenderIdentification ]
>
> I had issues in the past connectin to mailserver using TLS and solved them
> upgrading the webapplicatio library from mail-1.4.jar to
> javax.mail-1.6.2.jar
>
> Il 11/03/2024 17:41, Robert Turner ha scritto:
> > AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
> > application you are running typically. It's possible (but not
> > guaranteed) that the web application is using the standard Java
> > libraries for SMTP, and as such, you may (but again not guaranteed) be
> > able to configure some of the mail settings via Java system properties
> > (
> > https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
> > ummary.html
> > ).
> >
> > Best bet is to work with your application provider and their
> > documentation / support.
> >
> > Also, consider upgrading Java and Tomcat to current / supported
> > versions as those versions are both very old and likely have many
> > security issues that need patching.
> >
> >
> >
> > On Mon, Mar 11, 2024 at 12:39 PM Jost
> > Richstein
> > wrote:
> >
> >> Hi,
> >>
> >> this is definitely not a Tomcat problem - take a look at:
> >>
> >>
> >> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
> >> summary
> >> .html
> >> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package
> >> -summary.html>
> >>
> >>
> >> -Ursprüngliche Nachricht-
> >> Von: Brandie Nickey
> >> Gesendet: Montag, 11. März 2024 17:35 An:users@tomcat.apache.org
> >> Betreff: Tomcat SMPT TLS1.2
> >>
> >> Hi all,
> >>
> >> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121.  I have
> >> been trying to find out where to configure outbound smtp messages to
> >> use only TLS1.2.  I've found plenty of info on the https using TLS1.2
> >> and have configured that just fine in server.xml file and in the Java
> >> tab of the tomcatw.exe file, but that doesn't seem to be applying to
> the emails
> >> outgoing from the webapp.   Anyone have any ideas? (Also upgrading is
> not
> >> an
> >> option as this tomcat/java combo is the only one supported by the
> >> vendor for our webapp version).
> >>
> >> Thank you!
> >> Brandie
> >>
> >>
> >>
> >> -
> >> To unsubscribe, e-mail:users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail:users-h...@tomcat.apache.org
> >>
> >>
> --
>
> Archimede Informatica tratta i dati personali in conformità a quanto
> stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
> 2003 n. 196
> per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
> Informativa completa
> <
> http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf
> >
>
> Il contenuto di questo messaggio e dei suoi eventuali allegati è
> riservato. Nel caso in cui Lei non sia il destinatario, La preghiamo di
> contattare telefonicamente o via e-mail il mittente ai recapiti sopra
> indicati e di cancellare il messaggio e gli eventuali allegati dal Suo
> sistema senza farne copia o diffonderli. Le opinioni espresse sono quelle
> dell'autore e non rappresentano necessariamente quelle della Società.
> This message and any attachment are confidential.If you are not the
> intended recipient, please telephone or email the sender and delete this
> message and any attachment from your system. If you are not the intended
> recipient you must not copy this message or attachment or disclose the
> contents to any other person. Any opinions presented are solely those of
> the author and do not necessarily represent those of the Company.
>
> dott. Ivano Mario Luberti
>
> Archimede Informatica società cooperativa a r. l.
> Via Gereschi 36, 56127 Pisa
>
> tel.: +39 050/580959 | fax: +39 050/8932061
>
> web: www.archicoop.it
> linkedin: www.linkedin.com/in/ivanoluberti
> facebook: www.facebook.com/archimedeinformaticapisa/
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

RE: Tomcat SMPT TLS1.2

2024-03-11 Thread Brandie Nickey 
That makes sense,  I did see a file in our java mail jar called SocketFetcher 
that has a line to the extent saying 'if properties not set, use TLS 1.0 for 
smtp' .  My hope was to find where the heck to set the mail properties, but 
sounds like that's in another sun file.  

-Original Message-
From: Ivano Luberti  
Sent: Monday, March 11, 2024 9:46 AM
To: users@tomcat.apache.org
Subject: Re: Tomcat SMPT TLS1.2

[You don't often get email from lube...@archicoop.it.invalid. Learn why this is 
important at https://aka.ms/LearnAboutSenderIdentification ]

I had issues in the past connectin to mailserver using TLS and solved them 
upgrading the webapplicatio library from mail-1.4.jar to javax.mail-1.6.2.jar

Il 11/03/2024 17:41, Robert Turner ha scritto:
> AFAIK, there is nothing in Tomcat for SMTP. This would be part of the 
> application you are running typically. It's possible (but not 
> guaranteed) that the web application is using the standard Java 
> libraries for SMTP, and as such, you may (but again not guaranteed) be 
> able to configure some of the mail settings via Java system properties 
> ( 
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
> ummary.html
> ).
>
> Best bet is to work with your application provider and their 
> documentation / support.
>
> Also, consider upgrading Java and Tomcat to current / supported 
> versions as those versions are both very old and likely have many 
> security issues that need patching.
>
>
>
> On Mon, Mar 11, 2024 at 12:39 PM Jost 
> Richstein
> wrote:
>
>> Hi,
>>
>> this is definitely not a Tomcat problem - take a look at:
>>
>>
>> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
>> summary
>> .html
>> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package
>> -summary.html>
>>
>>
>> -Ursprüngliche Nachricht-
>> Von: Brandie Nickey
>> Gesendet: Montag, 11. März 2024 17:35 An:users@tomcat.apache.org
>> Betreff: Tomcat SMPT TLS1.2
>>
>> Hi all,
>>
>> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121.  I have 
>> been trying to find out where to configure outbound smtp messages to 
>> use only TLS1.2.  I've found plenty of info on the https using TLS1.2 
>> and have configured that just fine in server.xml file and in the Java 
>> tab of the tomcatw.exe file, but that doesn't seem to be applying to the 
>> emails
>> outgoing from the webapp.   Anyone have any ideas? (Also upgrading is not
>> an
>> option as this tomcat/java combo is the only one supported by the 
>> vendor for our webapp version).
>>
>> Thank you!
>> Brandie
>>
>>
>>
>> -
>> To unsubscribe, e-mail:users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail:users-h...@tomcat.apache.org
>>
>>
--

Archimede Informatica tratta i dati personali in conformità a quanto stabilito 
dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
2003 n. 196
per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa
<http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf>

Il contenuto di questo messaggio e dei suoi eventuali allegati è riservato. Nel 
caso in cui Lei non sia il destinatario, La preghiamo di contattare 
telefonicamente o via e-mail il mittente ai recapiti sopra indicati e di 
cancellare il messaggio e gli eventuali allegati dal Suo sistema senza farne 
copia o diffonderli. Le opinioni espresse sono quelle dell'autore e non 
rappresentano necessariamente quelle della Società.
This message and any attachment are confidential.If you are not the intended 
recipient, please telephone or email the sender and delete this message and any 
attachment from your system. If you are not the intended recipient you must not 
copy this message or attachment or disclose the contents to any other person. 
Any opinions presented are solely those of the author and do not necessarily 
represent those of the Company.

dott. Ivano Mario Luberti

Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa

tel.: +39 050/580959 | fax: +39 050/8932061

web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Tomcat SMPT TLS1.2

2024-03-11 Thread Brandie Nickey 
Thanks so much for the guidance.  Have a call with the vendor in about an hour 
to discuss - my fear is that the TLS 1.0 was hard coded somewhere but will take 
the info provided and see what they say.  Cheers! 

-Original Message-
From: Robert Turner  
Sent: Monday, March 11, 2024 9:42 AM
To: Tomcat Users List 
Subject: Re: Tomcat SMPT TLS1.2

[You don't often get email from rtur...@e-djuster.ca.invalid. Learn why this is 
important at https://aka.ms/LearnAboutSenderIdentification ]

AFAIK, there is nothing in Tomcat for SMTP. This would be part of the 
application you are running typically. It's possible (but not guaranteed) that 
the web application is using the standard Java libraries for SMTP, and as such, 
you may (but again not guaranteed) be able to configure some of the mail 
settings via Java system properties ( 
https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
).

Best bet is to work with your application provider and their documentation / 
support.

Also, consider upgrading Java and Tomcat to current / supported versions as 
those versions are both very old and likely have many security issues that need 
patching.



On Mon, Mar 11, 2024 at 12:39 PM Jost Richstein 
wrote:

> Hi,
>
> this is definitely not a Tomcat problem - take a look at:
>
>
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
> ummary
> .html
> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
> summary.html>
>
>
> -Ursprüngliche Nachricht-
> Von: Brandie Nickey 
> Gesendet: Montag, 11. März 2024 17:35
> An: users@tomcat.apache.org
> Betreff: Tomcat SMPT TLS1.2
>
> Hi all,
>
> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121.  I have 
> been trying to find out where to configure outbound smtp messages to 
> use only TLS1.2.  I've found plenty of info on the https using TLS1.2 
> and have configured that just fine in server.xml file and in the Java 
> tab of the tomcatw.exe file, but that doesn't seem to be applying to the 
> emails
> outgoing from the webapp.   Anyone have any ideas? (Also upgrading is not
> an
> option as this tomcat/java combo is the only one supported by the 
> vendor for our webapp version).
>
> Thank you!
> Brandie
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat SMPT TLS1.2

2024-03-11 Thread Ivano Luberti 
I had issues in the past connectin to mailserver using TLS and solved 
them upgrading the webapplicatio library from mail-1.4.jar to 
javax.mail-1.6.2.jar


Il 11/03/2024 17:41, Robert Turner ha scritto:

AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
application you are running typically. It's possible (but not guaranteed)
that the web application is using the standard Java libraries for SMTP, and
as such, you may (but again not guaranteed) be able to configure some of
the mail settings via Java system properties (
https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
).

Best bet is to work with your application provider and their
documentation / support.

Also, consider upgrading Java and Tomcat to current / supported versions as
those versions are both very old and likely have many security issues that
need patching.



On Mon, Mar 11, 2024 at 12:39 PM Jost Richstein
wrote:


Hi,

this is definitely not a Tomcat problem - take a look at:


https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary
.html



-Ursprüngliche Nachricht-
Von: Brandie Nickey
Gesendet: Montag, 11. März 2024 17:35
An:users@tomcat.apache.org
Betreff: Tomcat SMPT TLS1.2

Hi all,

I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121.  I have been
trying to find out where to configure outbound smtp messages to use only
TLS1.2.  I've found plenty of info on the https using TLS1.2 and have
configured that just fine in server.xml file and in the Java tab of the
tomcatw.exe file, but that doesn't seem to be applying to the emails
outgoing from the webapp.   Anyone have any ideas? (Also upgrading is not
an
option as this tomcat/java combo is the only one supported by the vendor
for
our webapp version).

Thank you!
Brandie



-
To unsubscribe, e-mail:users-unsubscr...@tomcat.apache.org
For additional commands, e-mail:users-h...@tomcat.apache.org



--

Archimede Informatica tratta i dati personali in conformità a quanto
stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno 
2003 n. 196

per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa 



Il contenuto di questo messaggio e dei suoi eventuali allegati è 
riservato. Nel caso in cui Lei non sia il destinatario, La preghiamo di 
contattare telefonicamente o via e-mail il mittente ai recapiti sopra 
indicati e di cancellare il messaggio e gli eventuali allegati dal Suo 
sistema senza farne copia o diffonderli. Le opinioni espresse sono 
quelle dell'autore e non rappresentano necessariamente quelle della Società.
This message and any attachment are confidential.If you are not the 
intended recipient, please telephone or email the sender and delete this 
message and any attachment from your system. If you are not the intended 
recipient you must not copy this message or attachment or disclose the 
contents to any other person. Any opinions presented are solely those of 
the author and do not necessarily represent those of the Company.


dott. Ivano Mario Luberti

Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa

tel.: +39 050/580959 | fax: +39 050/8932061

web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/

Re: Tomcat SMPT TLS1.2

2024-03-11 Thread Robert Turner 
AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
application you are running typically. It's possible (but not guaranteed)
that the web application is using the standard Java libraries for SMTP, and
as such, you may (but again not guaranteed) be able to configure some of
the mail settings via Java system properties (
https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
).

Best bet is to work with your application provider and their
documentation / support.

Also, consider upgrading Java and Tomcat to current / supported versions as
those versions are both very old and likely have many security issues that
need patching.



On Mon, Mar 11, 2024 at 12:39 PM Jost Richstein 
wrote:

> Hi,
>
> this is definitely not a Tomcat problem - take a look at:
>
>
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary
> .html
> 
>
>
> -Ursprüngliche Nachricht-
> Von: Brandie Nickey 
> Gesendet: Montag, 11. März 2024 17:35
> An: users@tomcat.apache.org
> Betreff: Tomcat SMPT TLS1.2
>
> Hi all,
>
> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121.  I have been
> trying to find out where to configure outbound smtp messages to use only
> TLS1.2.  I've found plenty of info on the https using TLS1.2 and have
> configured that just fine in server.xml file and in the Java tab of the
> tomcatw.exe file, but that doesn't seem to be applying to the emails
> outgoing from the webapp.   Anyone have any ideas? (Also upgrading is not
> an
> option as this tomcat/java combo is the only one supported by the vendor
> for
> our webapp version).
>
> Thank you!
> Brandie
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>